Privacy Coin Firo Temporarily Disables Protocol to Investigate 'Suspicious Transactions'

Core devs have activated their emergency switch to temporarily disable Lelantus.

AccessTimeIconFeb 26, 2021 at 8:26 p.m. UTC
Updated Sep 14, 2021 at 12:18 p.m. UTC

The team behind the privacy coin Firo has identified multiple Lelantus transactions that are “suspicious,” according to project steward Reuben Yap. In response, developers have activated their emergency switch to temporarily disable Lelantus to give them time to investigate and identify the issue. 

“Our core team is working with several parties, including engineers from Trail of Bits (who audited our Lelantus cryptographic library), another cryptographer and a black hat to identify the issue. We have made significant progress in narrowing down the cause and are working on a proof-of-concept code to verify that what we’ve found is the core issue before resuming Lelantus functionality. Our team is also determining a plan to restore Lelantus functionality with minimum impact.”

The Lelantus protocol was launched in mid-January 2021. It introduced “on-by-default” privacy and prompts users to anonymize their funds with the goal of ensuring transactions sent by official Firo wallets stay private. Transparent transactions will now have to be explicitly selected. It also allows for partial redemptions of Firo’s burn-and-redeem model, which previously had to be redeemed in full. 

This is the second in a pair of challenges that has arisen since the launch on Jan. 14. Less than a week later, Firo experienced a 51% attack that forced it to push a hotfix to address the issue. 

The Firo devs were able to disable the Lelantus protocol based on a previous vote that gave the core team the ability to temporarily “turn off and on features like Lelantus, chainlocks and instant send.”

“While we have taken practical precautions including audits and review, developing cutting-edge privacy tech comes with risk,” said Yap in last night’s post. “The safeguards we put in place in recognition of this has mitigated damage as the technology matures and becomes battle-tested.”

The Firo privacy coin is down 13.3% in the last 24 hours. 


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.